{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,10]],"date-time":"2026-02-10T18:45:26Z","timestamp":1770749126604,"version":"3.50.0"},"publisher-location":"Cham","reference-count":52,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319269603","type":"print"},{"value":"9783319269610","type":"electronic"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-26961-0_9","type":"book-chapter","created":{"date-parts":[[2015,12,16]],"date-time":"2015-12-16T13:07:52Z","timestamp":1450271272000},"page":"139-158","source":"Crossref","is-referenced-by-count":9,"title":["Introducing Dynamic Identity and Access Management in Organizations"],"prefix":"10.1007","author":[{"given":"Michael","family":"Kunz","sequence":"first","affiliation":[]},{"given":"Ludwig","family":"Fuchs","sequence":"additional","affiliation":[]},{"given":"Matthias","family":"Hummer","sequence":"additional","affiliation":[]},{"given":"G\u00fcnther","family":"Pernul","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,12,31]]},"reference":[{"key":"9_CR1","unstructured":"Ashley, P., Hada, S., Karjoth, G., Powers, C., Schunter, M.: Enterprise Privacy Authorization Language (EPAL 1.2). Submission to W3C (2003)"},{"key":"9_CR2","doi-asserted-by":"crossref","unstructured":"Aubert, J., Gateau, B., Incoul, C., Feltus, C.: SIM: an innovative business-oriented approach for a distributed access management. In: Proceedings of the 3rd International Conference on Information and Communication Technologies: From Theory to Applications (ICTTA), pp. 1\u20136 (2008)","DOI":"10.1109\/ICTTA.2008.4530322"},{"key":"9_CR3","unstructured":"Basel Committee on Banking Supervision: Basel III - A Global Regulatory Framework for More Resilient Banks and Banking Systems (2011)"},{"key":"9_CR4","doi-asserted-by":"crossref","unstructured":"Beckerle, M., Martucci, L.A.: Formal definitions for usable access control rule sets from goals to metrics. In: Proceedings of the 9th Symposium on Usable Privacy and Security (SOUPS), p. 2 (2013)","DOI":"10.1145\/2501604.2501606"},{"issue":"5","key":"9_CR5","doi-asserted-by":"publisher","first-page":"330","DOI":"10.1109\/TSE.2006.49","volume":"32","author":"R Bhatti","year":"2006","unstructured":"Bhatti, R., Bertino, E., Ghafoor, A.: X-FEDERATE: a policy engineering framework for federated access management. IEEE Trans. Softw. Eng. 32(5), 330\u2013346 (2006)","journal-title":"IEEE Trans. Softw. Eng."},{"issue":"3","key":"9_CR6","first-page":"131","volume":"2","author":"KZ Bijon","year":"2013","unstructured":"Bijon, K.Z., Krishman, R., Sandhu, R.: Constraints specification in attribute based access control. Science 2(3), 131 (2013)","journal-title":"Science"},{"key":"9_CR7","unstructured":"Buecker, A., Andrews, S., Forster, C., Harlow, N., Lu, M., Muppidi, S., Norvill, T., Nye, P., Waller, G., White, E.T.: IT Security Policy Management Usage Patterns Using IBM Tivoli Security Policy Manager. IBM Redbooks (2011)"},{"issue":"5","key":"9_CR8","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1109\/MC.2009.143","volume":"42","author":"DW Chadwick","year":"2009","unstructured":"Chadwick, D.W., Inman, G.: Attribute aggregation in federated identity management. IEEE Comput. 42(5), 33\u201340 (2009)","journal-title":"IEEE Comput."},{"key":"9_CR9","unstructured":"Elliott, A., Knight, S.: Role explosion: acknowledging the problem. In: Proceedings of the International Conference on Software Engineering Research and Practice (SERP), pp. 349\u2013355 (2010)"},{"key":"9_CR10","unstructured":"Fuchs, L., Kunz, M., Pernul, G.: Role model optimization for secure role-based identity management. In: Proceedings of the 22nd European Conference on Information Systems (ECIS) (2014)"},{"key":"9_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"287","DOI":"10.1007\/978-3-540-89862-7_24","volume-title":"Information Systems Security","author":"L Fuchs","year":"2008","unstructured":"Fuchs, L., Pernul, G.: HyDRo \u2013 hybrid development of roles. In: Sekar, R., Pujari, A.K. (eds.) ICISS 2008. LNCS, vol. 5352, pp. 287\u2013302. Springer, Heidelberg (2008)"},{"issue":"1","key":"9_CR12","doi-asserted-by":"publisher","first-page":"88","DOI":"10.1007\/BF03340780","volume":"50","author":"L Fuchs","year":"2013","unstructured":"Fuchs, L., Pernul, G.: Qualit\u00e4tssicherung im Identity- und Access Management. HMD Praxi. Wirtschaftsinformatik 50(1), 88\u201397 (2013)","journal-title":"HMD Praxi. Wirtschaftsinformatik"},{"issue":"8","key":"9_CR13","doi-asserted-by":"publisher","first-page":"748","DOI":"10.1016\/j.cose.2011.08.002","volume":"30","author":"L Fuchs","year":"2011","unstructured":"Fuchs, L., Pernul, G., Sandhu, R.: Roles in information security - a survey and classification of the research area. Comput. Secur. 30(8), 748\u2013769 (2011)","journal-title":"Comput. Secur."},{"key":"9_CR14","unstructured":"Gartner: Gartner IAM 2020 Predictions. http:\/\/www.avatier.com\/products\/identity-management\/resources\/gartner-iam-2020-predictions\/"},{"issue":"5","key":"9_CR15","doi-asserted-by":"publisher","first-page":"412","DOI":"10.1109\/TDSC.2013.42","volume":"11","author":"P Gupta","year":"2014","unstructured":"Gupta, P., Stoller, S.D., Xu, Z.: Abductive analysis of administrative policies in rule-based access control. IEEE Trans. Dependable Secure Comput. 11(5), 412\u2013424 (2014)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"9_CR16","doi-asserted-by":"crossref","unstructured":"Hamlen, K., Liu, P., Kantarcioglu, M., Thuraisingham, B., Yu, T.: Identity management for cloud computing: developments and directions. In: Proceedings of the 7th Annual Workshop on Cyber Security and Information Intelligence Research (CSIIRW), p. 32 (2011)","DOI":"10.1145\/2179298.2179333"},{"issue":"1","key":"9_CR17","doi-asserted-by":"publisher","first-page":"477","DOI":"10.1016\/j.comnet.2011.09.014","volume":"56","author":"W Han","year":"2012","unstructured":"Han, W., Lei, C.: A survey on policy languages in network and security management. Comput. Netw. 56(1), 477\u2013489 (2012)","journal-title":"Comput. Netw."},{"key":"9_CR18","unstructured":"Heinrich, B., Kaiser, M., Klier, M.: How to measure data quality? a metric-based approach. In: Proceedings of the 6th International Conference on Computer and Information Science (ICIS) (2007)"},{"issue":"1","key":"9_CR19","first-page":"42","volume":"25","author":"A Hovav","year":"2009","unstructured":"Hovav, A., Berger, R.: Tutorial: identity management systems and secured access control. Commun. Assoc. Inf. Syst. 25(1), 42 (2009)","journal-title":"Commun. Assoc. Inf. Syst."},{"key":"9_CR20","doi-asserted-by":"crossref","unstructured":"Hu, V.C., Ferraiolo, D., Kuhn, R., Schnitzer, A., Sandlin, K., Miller, R., Scarfone, K.: Guide to Attribute Based Access Control (ABAC) Definition and Considerations. Technical report NIST SP 800\u2013162 (2014)","DOI":"10.6028\/NIST.SP.800-162"},{"key":"9_CR21","doi-asserted-by":"crossref","unstructured":"Huang, J., Nicol, D.M., Bobba, R., Huh, J.H.: A framework integrating attribute-based policies into role-based access control. In: Proceedings of the 17th ACM Symposium on Access Control Models and Technologies (SACMAT), pp. 187\u2013196 (2012)","DOI":"10.1145\/2295136.2295170"},{"key":"9_CR22","doi-asserted-by":"crossref","unstructured":"Hummer, M., Kunz, M., Netter, M., Fuchs, L., Pernul, G.: Advanced identity and access policy management using contextual data. In: Proceedings of the 11th Internatinal Conference on Availability, Reliability and Security (ARES) (2015)","DOI":"10.1109\/ARES.2015.40"},{"key":"9_CR23","unstructured":"Iso: ISO\/IEC 27000 Information Technology \u2013 Security Techniques \u2013 Information Security Management Systems \u2013 Overview and Vocabulary (2009)"},{"key":"9_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1007\/978-3-642-31540-4_4","volume-title":"Data and Applications Security and Privacy XXVI","author":"X Jin","year":"2012","unstructured":"Jin, X., Krishnan, R., Sandhu, R.: A unified attribute-based access control model covering DAC, MAC and RBAC. In: Cuppens-Boulahia, N., Cuppens, F., Garcia-Alfaro, J. (eds.) DBSec 2012. LNCS, vol. 7371, pp. 41\u201355. Springer, Heidelberg (2012)"},{"key":"9_CR25","doi-asserted-by":"crossref","unstructured":"Jin, Z., Xu, J., Xu, M., Zheng, N.: An attribute-oriented model for identity management. In: Proceedings of the International Conference on E-Education, E-Business, E-Management and E-Learning (IC4E), pp. 440\u2013444 (2010)","DOI":"10.1109\/IC4E.2010.55"},{"key":"9_CR26","unstructured":"Kunz, M., Fuchs, L., Netter, M., Pernul, G.: Analyzing quality criteria in role-based identity and access management. In: Proceedings of the 1st International Conference on Information Systems Security and Privacy (ICISSP) (2015)"},{"key":"9_CR27","doi-asserted-by":"crossref","unstructured":"Kunz, M., Hummer, M., Fuchs, L., Netter, M., Pernul, G.: Analyzing recent trends in enterprise identity management. In: Proceedings of the 25th International Workshop on Database and Expert Systems Applications (DEXA), pp. 273\u2013277 (2014)","DOI":"10.1109\/DEXA.2014.62"},{"key":"9_CR28","first-page":"1","volume":"1","author":"J Lu","year":"2011","unstructured":"Lu, J., Li, R., Hu, J., Xu, D.: Inconsistency resolving of safety and utility in access control. J. Wirel. Commun. Networking 1, 1\u201312 (2011)","journal-title":"J. Wirel. Commun. Networking"},{"key":"9_CR29","doi-asserted-by":"crossref","unstructured":"Marfia, F.: Using abductive and inductive inference to generate policy explanations. In: Proceedings of the International Conference on Security and Cryptography (SECRYPT) (2014)","DOI":"10.5220\/0005116004570462"},{"key":"9_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"351","DOI":"10.1007\/978-3-319-15934-8_24","volume-title":"Evolutionary Multi-Criterion Optimization","author":"E Medvet","year":"2015","unstructured":"Medvet, E., Bartoli, A., Carminati, B., Ferrari, E.: Evolutionary inference of attribute-based access control policies. In: Gaspar-Cunha, A., Henggeler Antunes, C., Coello, C.C. (eds.) EMO 2015. LNCS, vol. 9018, pp. 351\u2013365. Springer, Heidelberg (2015)"},{"key":"9_CR31","unstructured":"Meier, S., Fuchs, L., Pernul, G.: Managing the access grid-a process view to minimize insider misuse risks. In: Proceedings of the 11th International Tagung Wirtschaftsinformatik (WI) (2013)"},{"key":"9_CR32","doi-asserted-by":"crossref","unstructured":"Ngo, C., Makkes, M.X., Demchenko, Y., De Laat, C.: Multi-data-types interval decision diagrams for XACML evaluation engine. In: Proceedings of the 11th Annual International Conference on Privacy, Security and Trust (PST), pp. 257\u2013266 (2013)","DOI":"10.1109\/PST.2013.6596061"},{"key":"9_CR33","unstructured":"OASIS: eXtensible Access Control Markup Language (XACML) Version 3.0 (2013)"},{"key":"9_CR34","unstructured":"O\u2019Connor, A.C., Loomis, R.J.: 2010 Economic Analysis of Role-Based Access Control. Technical report (2010)"},{"key":"9_CR35","doi-asserted-by":"publisher","first-page":"15","DOI":"10.1007\/1-4020-8128-6_2","volume-title":"Research Directions in Data and Applications Security XVIII","author":"J Park","year":"2004","unstructured":"Park, J., Zhang, X., Sandhu, R.: Attribute mutability in usage control. In: Farkas, C., Samarati, P. (eds.) Research Directions in Data and Applications Security XVIII, pp. 15\u201329. Springer, US (2004)"},{"key":"9_CR36","unstructured":"Priebe, T., Dobmeier, W., Muschall, B., Pernul, G.: ABAC-Ein Referenzmodell f\u00fcr attributbasierte Zugriffskontrolle. In: Sicherheit, vol. 62, pp. 285\u2013296 (2005)"},{"issue":"1","key":"9_CR37","doi-asserted-by":"publisher","first-page":"27","DOI":"10.4304\/jsw.2.1.27-38","volume":"2","author":"T Priebe","year":"2007","unstructured":"Priebe, T., Dobmeier, W., Schl\u00e4ger, C., Kamprath, N.: Supporting attribute-based access control in authorization and authentication infrastructures with ontologies. J. Softw. 2(1), 27\u201338 (2007)","journal-title":"J. Softw."},{"key":"9_CR38","unstructured":"Pries-Heje, J., Baskerville, R., Venable, J.: Strategies for design science research evaluation. In: Proceedings of the 16th European Conference on Information Systems (ECIS), pp. 1\u201312 (2008)"},{"issue":"4","key":"9_CR39","first-page":"3","volume":"23","author":"E Rahm","year":"2000","unstructured":"Rahm, E., Do, H.H.: Data cleaning: problems and current approaches. IEEE Database Eng. Bull. 23(4), 3\u201313 (2000)","journal-title":"IEEE Database Eng. Bull."},{"key":"9_CR40","volume-title":"Data Quality for the Information Age","author":"TC Redman","year":"1997","unstructured":"Redman, T.C.: Data Quality for the Information Age, 1st edn. Artech House Inc., Norwood (1997)","edition":"1"},{"key":"9_CR41","doi-asserted-by":"crossref","unstructured":"Rudolph, M., Schwarz, R., Jung, C.: Security policy specification templates for critical infrastructure services in the cloud. In: Proceedings of the 9th International Conference for Internet Technology and Secured Transactions (ICITST), pp. 61\u201366 (2014)","DOI":"10.1109\/ICITST.2014.7038776"},{"key":"9_CR42","doi-asserted-by":"crossref","unstructured":"Sandhu, R.: The authorization leap from rights to attributes: maturation or chaos? In: Proceedings of the 17th ACM Symposium on Access Control Models and Technologies (SACMAT), pp. 69\u201370 (2012)","DOI":"10.1145\/2295136.2295150"},{"key":"9_CR43","doi-asserted-by":"publisher","first-page":"38","DOI":"10.1109\/2.485845","volume":"2","author":"RS Sandhu","year":"1996","unstructured":"Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. Computer 2, 38\u201347 (1996)","journal-title":"Computer"},{"key":"9_CR44","doi-asserted-by":"crossref","unstructured":"Seamons, K., Winslett, M., Yu, T., Smith, B., Child, E., Jacobson, J., Mills, H., Yu, L.: Requirements for policy languages for trust negotiation. In: Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY), pp. 68\u201379 (2002)","DOI":"10.1109\/POLICY.2002.1011295"},{"key":"9_CR45","doi-asserted-by":"crossref","unstructured":"SOX: Sarbanes-Oxley Act of 2002, PL 107\u2013204, 116 Stat 745 (2002)","DOI":"10.2307\/1342618"},{"key":"9_CR46","doi-asserted-by":"crossref","unstructured":"Stepien, B., Felty, A., Matwin, S.: A non-technical XACML target editor for dynamic access control systems. In: Proceedings of the International Conference on Collaboration Technologies and Systems (CTS), pp. 150\u2013157 (2014)","DOI":"10.1109\/CTS.2014.6867558"},{"key":"9_CR47","doi-asserted-by":"crossref","unstructured":"Stepien, B., Matwin, S., Felty, A.: An algorithm for compression of XACML access control policy sets by recursive subsumption. In: Proceedings of the 7th International Conference on Availability, Reliability and Security (ARES), pp. 161\u2013167 (2012)","DOI":"10.1109\/ARES.2012.38"},{"key":"9_CR48","unstructured":"Strembeck, M.: Engineering of Dynamic Policy-Based Systems: A Policy Engineering of Dynamic Policy-Based Systems: Language Based Approach. Hab. Th. (2008)"},{"key":"9_CR49","doi-asserted-by":"crossref","unstructured":"Xiao, X., Paradkar, A., Thummalapenta, S., Xie, T.: Automated extraction of security policies from natural-language software documents. In: Proceedings of the 20th International Symposium on the Foundations of Software Engineering (SIGSOFT), p. 12 (2012)","DOI":"10.1145\/2393596.2393608"},{"key":"9_CR50","doi-asserted-by":"crossref","unstructured":"Xu, Z., Stoller, S.D.: Mining attribute-based access control policies from RBAC policies. In: Proceedings of the 10th International Conference and Expo on Emerging Technologies for a Smarter World (CEWIT), pp. 1\u20136 (2013)","DOI":"10.1109\/CEWIT.2013.6713753"},{"key":"9_CR51","series-title":"Lecture Notes in Computer Science","first-page":"276","volume-title":"Data and Applications Security and Privacy XXVIII","author":"Z Xu","year":"2014","unstructured":"Xu, Z., Stoller, S.D.: Mining attribute-based access control policies from logs. In: Atluri, V., Pernul, G. (eds.) DBSec 2014. LNCS, vol. 8566, pp. 276\u2013291. Springer, Heidelberg (2014)"},{"key":"9_CR52","doi-asserted-by":"crossref","unstructured":"Yuan, E., Tong, J.: Attributed based access control (ABAC) for web services. In: Proceedings of the International Conference on Web Services (ICWS), p. 569 (2005)","DOI":"10.1109\/ICWS.2005.25"}],"container-title":["Lecture Notes in Computer Science","Information Systems Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-26961-0_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,31]],"date-time":"2025-05-31T20:20:27Z","timestamp":1748722827000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-26961-0_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319269603","9783319269610"],"references-count":52,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-26961-0_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2015]]}}}